package com.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;

import java.util.ArrayList;

@EnableWebSecurity(debug = true)
@Configuration
public class WebConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.requestMatchers().antMatchers("/**").and()
                .authorizeRequests(s->{
                    s.antMatchers("/post").hasAuthority("read.message")
                            .anyRequest().authenticated();
                }).
                formLogin().permitAll();
    }

    /**
     * todo  try to add the additonalCheck  from  the openId to verify the user.
     */

//    @Bean
//    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
//
//    }

    @Bean
    public UserDetailsService userDetailsService() {
        ArrayList<UserDetails> users = new ArrayList<>();
        users.add(User.withUsername("user").password("{bcrypt}$2a$10$Nl8zvMdhS0l22hBR.hAsNuQeMWH0.dgVRC/4.a0ny37SiI2Hbc4iW").roles("USER").build());
        users.add(User.withUsername("user1").password("{bcrypt}$2a$10$6r4WkpfuAZ/k7UnoOwtXo.QsMTO.nBz2wZKtwG63t3VcFQj1BXxqC").roles("POST").build());
        return new InMemoryUserDetailsManager(users);
    }

}
